#!/bin/bash

apt -y install haproxy

sudo sed -i 's/^CONFIG=/#_#CONFIG=/' /etc/default/haproxy
sudo sed -i '1i\CONFIG="/etc/haproxy"' /etc/default/haproxy

sudo service haproxy restart

### fail2ban ###

sh -c "echo '
[Definition]
failregex = \\shaproxy\\[\\d+]:\\s<HOST>:\\d+\\s\\[.+\\s\\d+/\\d+/\\d+/\\d+/\\d+\\s4\\d\\d
ignoreregex =
' > /etc/fail2ban/filter.d/haproxy-http-request.conf"

sh -c "echo '
[haproxy-http-request]
enabled = true
filter  = haproxy-http-request
logpath = /var/log/haproxy.log
maxretry = 5
bantime = 24h
findtime = 5m
' > /etc/fail2ban/jail.d/haproxy-http-request.conf"

service fail2ban restart

